Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nacos2.4.3 nacos.security.ignore.urls开启了鉴权之后不生效 #13153

Open
yomixvii opened this issue Mar 5, 2025 · 3 comments
Open

nacos2.4.3 nacos.security.ignore.urls开启了鉴权之后不生效 #13153

yomixvii opened this issue Mar 5, 2025 · 3 comments
Labels
kind/question Category issues related to questions or problems

Comments

@yomixvii
Copy link

yomixvii commented Mar 5, 2025

nacos.core.auth.enabled=true开了鉴权之后

nacos.security.ignore.urls=/,/error,//*.css,//.js,/**/.html,//*.map,//.svg,/**/.png,//*.ico,/console-ui/public/,/v1/auth/,/v1/console/health/,/actuator/,/v1/console/server/,/v2/core/cluster/node/**
配置了/v2/core/cluster/node/** 这个内容

以下是web访问报错内容,权限不足:
Whitelabel Error Page
This application has no explicit mapping for /error, so you are seeing this as a fallback.

Wed Mar 05 11:11:09 CST 2025
There was an unexpected error (type=Forbidden, status=403).
user not found!
@yomixvii
Copy link
Author

yomixvii commented Mar 5, 2025

不开启鉴权的情况是能正常访问的

@yomixvii
Copy link
Author

yomixvii commented Mar 5, 2025

http://127.0.0.1:8848/nacos/v2/core/cluster/node/self

@KomachiSion
Copy link
Collaborator

nacos.security.ignore.urls 这个参数在使用非nacos/ldap类型的鉴权插件时生效,用于告知spring security哪些uri可以忽略鉴权。

当使用nacos/ldap类型的鉴权插件时, 所有声明非公开的接口(Secured注解标注的)都会使用nacos/ldap类型的鉴权插件进行鉴权。

@KomachiSion KomachiSion added the kind/question Category issues related to questions or problems label Mar 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/question Category issues related to questions or problems
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@KomachiSion @yomixvii